Help Net SecurityDaily information security news with a focus on enterprise security.

');
document.write('

');
document.write('

Should you trust that Chrome extension? Use CRXcavator to decide');
document.write('Duo Security has released CRXcavator, a tool that can help end users and enterprises make an informed decision about installing a specific Chrome extension. About CRXcavator CRXcavator was created as an internal tool by Duo’s Corporate Security Engineering team and, because it’s extremely helpful, they made it publicly available. “CRXcavator automatically scans the entire Chrome Web Store every 3 hours and produces a quantified risk score for each Chrome Extension based on several factors,” the … More → The post Should you trust that Chrome extension? Use CRXcavator to decide appeared first on Help Net Security.');
document.write('

');
document.write('

Criminal groups promising salaries averaging $360,000 per year to accomplices');
document.write('New research from Digital Shadows reveals that criminal groups are promising salaries averaging the equivalent of $360,000 per year to accomplices who can help them target high-worth individuals, such as company executives, lawyers and doctors with extortion scams. These salary promises can be higher still for those with network management, penetration testing and programming skills – with one threat actor willing to pay the equivalent of $768,000 per year, with add-ons and a final salary … More → The post Criminal groups promising salaries averaging $360,000 per year to accomplices appeared first on Help Net Security.');
document.write('

');
document.write('

Exposure of sensitive data via cloud applications and services increases 20%');
document.write('To identify top threats, the Dtex researchers collected and analyzed information from work-issued endpoints across more than 300,000 user accounts. Proprietary, cloud and personal accounts such as email were included in the total. Assessed organizations spanned multiple industries across North America, Europe (EMEA) and the Asia Pacific Region (APAC). The results are available in the Dtex 2019 Insider Threat Intelligence Report released by Dtex Systems. Among the top insider threat trends identified: 98% of assessments … More → The post Exposure of sensitive data via cloud applications and services increases 20% appeared first on Help Net Security.');
document.write('

');
document.write('

92% of organizations rank users as their primary security concern');
document.write('Cybercrime continues to evolve and become more sophisticated. AI and machine learning are leveraged by many criminal organizations to help them better understand how to improve their attacks and they are now targeting specific industry verticals, organizations and even individuals. Increases in the frequency of ransomware, phishing and crypto jacking attacks were experienced by businesses of nearly every size, vertical and locale. On average, 81% of organizations had some degree of concern around security issues, … More → The post 92% of organizations rank users as their primary security concern appeared first on Help Net Security.');
document.write('

');
document.write('

Tech companies fret over data privacy, but ready to bet on IPO market');
document.write('Cybersecurity concerns, along with U.S. economic growth, are the two top drivers anticipated to spur overall U.S. tech industry growth in 2019. Data privacy remains at the center of the sector’s worries, with 87 percent of tech CFOs expressing a high or moderate concern about the issue. It also ranked third in the list of companies’ biggest business priorities this year, after scaling the business (37 percent) and product or service innovation (34 percent), according … More → The post Tech companies fret over data privacy, but ready to bet on IPO market appeared first on Help Net Security.');
document.write('

');
document.write('

The risks associated with the influx of unauthorized collaboration tools');
document.write('A majority (82 percent) of end-users are pushing back on IT or management when the company tries to dictate which collaboration tools should be used. But IT is standing its ground; nearly two-thirds (63 percent) of information technology professionals say they prevail when employees push back. A new NextPlane report uncovers the risks associated with this influx of unauthorized collaboration tools, the internal pressures IT is feeling, and the level of resistance IT is experiencing … More → The post The risks associated with the influx of unauthorized collaboration tools appeared first on Help Net Security.');
document.write('

');
document.write('

PCI SSC accepting applications for the Qualified PIN Assessor Program');
document.write('PCI SSC is accepting applications for the Qualified PIN Assessor (QPA) Program. The QPA Program will enable security professionals to perform assessments using the PCI PIN Security Requirements and Testing Procedures (PCI PIN Security Standard). QPAs will be specifically trained in security controls that need to be validated as being in place to protect the transmission and processing of personal identification numbers (PINs). The new instructor-led training will cover the requirements for the secure management, … More → The post PCI SSC accepting applications for the Qualified PIN Assessor Program appeared first on Help Net Security.');
document.write('

');
document.write('

Dtex Systems platform enhancements providing user behavior intelligence and insider threat detection');
document.write('Dtex Systems, the leader in insider threat intelligence and detection, announced that significant enhancements are being added to the Dtex Advanced User Behavior Intelligence Platform. These will allow customers to extend visibility over system administrators and other privileged users’ actions, providing the most accurate understanding available of how this groups’ activities and behaviors impact risk. The company also announced that platform scalability improvements are allowing enterprise and government customers to rapidly extend insider threat detection … More → The post Dtex Systems platform enhancements providing user behavior intelligence and insider threat detection appeared first on Help Net Security.');
document.write('

');
document.write('

Armorblox uses deep learning to solve challenges with email security and data loss');
document.write('Armorblox announced that it has built the world’s first natural language understanding (NLU) platform for cybersecurity, analyzing sensitive information in emails and documents, and providing a new way to intelligently detect, alert and protect against identity-related attacks and data loss. Closing Series A funding with $16.5 million led by General Catalyst, Armorblox finally provides a way for organizations to protect against people-hacking. Armorblox will showcase the new solution at RSA Conference, March 4-8 in San … More → The post Armorblox uses deep learning to solve challenges with email security and data loss appeared first on Help Net Security.');
document.write('

');
document.write('

Netsurion releases EventTracker EDR, protecting against costly data breaches');
document.write('Netsurion, a leading provider of managed network connectivity, security, and compliance solutions, announced EventTracker EDR, the industry’s first managed endpoint threat detection and response (EDR) solution that is part of a unified SIEM platform and delivered as a managed security service. EventTracker EDR is optimized for small and midsized businesses, which represent 58 percent of all malware attack victims. EventTracker EDR, the next generation of endpoint protection, is effective in blocking against both known malware … More → The post Netsurion releases EventTracker EDR, protecting against costly data breaches appeared first on Help Net Security.');
document.write('